CISOs are questioning what a crisis framework should look like>
Help Net Security – Anamarija Pogorelec
CISOs are increasingly recognizing that breaches are inevitable, with 84% believing a successful attack is likely to occur
This mindset influences how they allocate budgets and resources, emphasizing a critical need to quickly detect and investigate incidents
However, investigations typically suffer from delays, taking an average of 8.6 hours to engage forensic teams, which can significantly increase the financial impact of a breach
Visibility into their IT environment is limited, preventing teams from fully understanding incidents and effectively reporting them, sometimes leading to more than $1 million in unclear investigations
Staffing issues also hinder investigations, as 90% of CISOs report skill shortages in their teams
To improve resilience, organizations must enhance their investigative readiness by using frameworks that provide better visibility and reduce reliance on specialized personnel.
– 84% of CISOs believe a successful breach is inevitable, affecting their resource planning.
– Average delay in engaging forensic teams is 8.6 hours, leading to significant financial costs (about $114,000 per hour).
– Less than half of CISOs can answer basic questions during a breach, indicating confidence issues in crisis management frameworks.
– Average visibility into IT environments is only 57%, complicating incident investigations and reporting.
– Unclear investigations can cost organizations over $1 million, risking insurance claims and regulatory compliance.
– 90% of CISOs report skill shortages in their investigation teams, impacting their effectiveness.
– Organizations recover better when they invest in early investigations and maintain a clear response framework.
– Improved real-time visibility and response processes are essential for increased resilience against future breaches.
Link: https://www.helpnetsecurity.com/2025/12/03/binalyze-crisis-management-framework-report/